Applies To:

BIG-IQ Centralized Management

About security reporting

Reporting for BIG-IQ® Network Security

You can use BIG-IQ® Network Security Reporting to view reports for
managed BIG-IP® devices that are provisioned for Application Visibility and
Reporting (AVR). Reports can be for a single BIG-IP device or can contain aggregated data for
multiple BIG-IP devices (that are of the same BIG-IP device version).

Network Firewall, DoS and IP Intelligence reports can be created. Analytic reports provide
detailed metrics about application performance such as transactions per second, server and
client latency, request and response throughput, and sessions. Metrics are provided for
applications, virtual servers, pool members, URLs, specific countries, and additional detailed
statistics about application traffic running through one or more managed devices. You can view
the analytics reports for a single device, view aggregated reports for a group of devices, and
create custom lists to view analytics for only specified devices.

Reporting for BIG-IQ® Web Application Security

You can use BIG-IQ® Web Application Security Reporting to view reports
for managed BIG-IP® devices that are provisioned for Application Visibility
and Reporting (AVR). Similar to the availability of the AVR reporting on a single device, you
have the ability to get visibility into application traffic passing through a single managed
BIG-IP device or an aggregated system (aggregated data for multiple BIG-IP devices.

Anomalies. You can view charts of statistical information in graphs about anomaly attacks,
such as brute force attacks and web scraping attacks. You can use these charts to evaluate
traffic to the web application, and to evaluate the vulnerabilities in the security policy.

DoS. If you have configured DoS protection on the BIG-IP system, you can view charts and
reports that show information about DoS attacks and mitigations in place on the system.